Toutes nos publications

Remote Buffer Overflow in StrongSwan + TKM

The TKM-backed version of the charon IKE daemon (charon-tkm) doesn’t check the length of received Diffie-Hellman public values before copying them to a fixed-size buffer on the stack, causing a buffer overflow that could potentially be exploited for remote code execution by sending a specially crafted and unauthenticated IKE_SA_INIT message.

All strongSwan versions since 5.3.0, up to and including 5.9.11 are affected.

Setups that don’t use charon-tkm as IKE daemon are not vulnerable. The charon-tkm version that supports multiple key exchanges (tkm-multi-ke branch on GitHub) is not vulnerable either.